updating docs

jrogers512 · Aug 6, 2015 · a1eed2a · a1eed2a
1 parent 29e8789
commit a1eed2a
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 47 deletions.
diff --git a/ansible/playbooks/templates/mass_destruction.set.j2 b/ansible/playbooks/templates/mass_destruction.set.j2
@@ -1,4 +1,4 @@
-configure
 delete security policies
 delete security idp
 delete security application-firewall
+delete security nat
diff --git a/ansible/playbooks/wmd.yml b/ansible/playbooks/wmd.yml
@@ -1,6 +1,6 @@
 ---
 - name: Weapons of Mass Destruction
-  hosts: student_srxs
+  hosts: mysrx
   connection: local
   gather_facts: no
   vars:
@@ -10,7 +10,7 @@
 
   tasks:
     - name: Build Weapons
-      template: src=templates/mass_destruction.set.j2 dest={{build_dir}}/mass_destruction.set
+      template: src=templates/mass_destruction.set.j2 dest={{build_dir}}mass_destruction.set
 
     - name: Launch destruction
       junos_install_config: host={{ inventory_hostname }} user={{ junos_user }} passwd={{ junos_password }} file={{ build_dir }}/mass_destruction.set overwrite=no logfile=logs/{{ inventory_hostname }}.log
diff --git a/docs/disasterstrikes.md b/docs/disasterstrikes.md
@@ -9,3 +9,75 @@ Disaster Strikes
 Oh no! Your firewalls are now no longer passing traffic. A team member accidentally made a mass change via a poorly written script. Several configuration elements have been changed across your topology and now your customers are furious they can't look at the new trailer for **Star Wars X: War of Automaters**. Calls are coming in from all over and managers are streaming into the room to watch your every move. How can you solve this problem?
 
 ![Budgie Explosion](https://github.com/JNPRAutomate/AutomationMemes/blob/master/budgie_explosion.gif)
+
+
+Creating the Disaster
+-------
+
+Because our lab is in a closed environment we need to simulate the creation of a disaster. We will do this using the WMD Ansible playbook
+
+**Playbook Review**
+
+This playbook is fairly simple. We are going to use it to generate commands to delete some hirearchies of the configuration. Even though we are not actually generating a configuration we still run through the template building step to stay in form with the remainder of the playbooks.
+
+**Playbook**
+
+```yaml
+---
+- name: Weapons of Mass Destruction
+  hosts: mysrx
+  connection: local
+  gather_facts: no
+  vars:
+    junos_user: "root"
+    junos_password: "Juniper"
+    build_dir: "/tmp/"
+
+  tasks:
+    - name: Build Weapons
+      template: src=templates/mass_destruction.set.j2 dest={{build_dir}}mass_destruction.set
+
+    - name: Launch destruction
+      junos_install_config: host={{ inventory_hostname }} user={{ junos_user }} passwd={{ junos_password }} file={{ build_dir }}/mass_destruction.set overwrite=no logfile=logs/{{ inventory_hostname }}.log
+```
+
+**Mass Destruction Template**
+
+This is the template that we are using to build the commands. As you can see there is no templating we are using a straight configuration to delete parts of the configuration.
+
+```
+delete security policies
+delete security idp
+delete security application-firewall
+delete security nat
+```
+
+**Playbook Command**
+
+```
+vagrant@NetDevOps-Student:/vagrant/ansible$ ansible-playbook -i inventory.yml playbooks/wmd.yml
+```
+
+**Playbook Run Example**
+
+Once run the output should look like the following.
+
+```
+vagrant@NetDevOps-Student:/vagrant/ansible$ ansible-playbook -i inventory.yml playbooks/wmd.yml
+
+PLAY [Weapons of Mass Destruction] ********************************************
+
+TASK: [Build Weapons] *********************************************************
+ok: [172.16.0.1]
+
+TASK: [Launch destruction] ****************************************************
+changed: [172.16.0.1]
+
+PLAY RECAP ********************************************************************
+172.16.0.1                 : ok=2    changed=1    unreachable=0    failed=0
+
+```
+
+**Validating the playbook run**
+
+Once the playbook is run the NetDevOpsVM that sits behind your SRX should no longer have access to the rest of the lab.
diff --git a/docs/recoveringthelabnolic.md b/docs/recoveringthelabnolic.md
@@ -45,50 +45,6 @@ Almost all of the tasks are done using the Ansible playbook methodology of gener
 #- include: idp_policies.yml
 ```
 
-**Calling a script from a playbook**
-
-This play book will call the scripts the same way that we did from the command line. This allows us to reuse the tooling that was already built.
-
-```yaml
----
-- name: Install IDP Licenses
-  hosts: mysrx
-  connection: local
-  gather_facts: no
-  vars:
-    junos_user: "root"
-    junos_password: "Juniper"
-    build_dir: "/tmp/"
-
-  tasks:
-      - name: Install appsec Licenses
-        script: ../../tools/licensetool.py  --user {{ junos_user }} --password {{ junos_password }} --host {{ inventory_hostname }} --url http://10.10.0.10/license/appsecure.txt
-
-      - name: Install utm Licenses
-        script: ../../tools/licensetool.py  --user {{ junos_user }} --password {{ junos_password }} --host {{ inventory_hostname }} --url http://10.10.0.10/license/utm.txt
-
-```
-
-This play book follows the same idea, however it is used to download the security pack.
-
-```yaml
----
-- name: Install IDP Security Packages
-  hosts: mysrx
-  connection: local
-  gather_facts: no
-  vars:
-    junos_user: "root"
-    junos_password: "Juniper"
-    build_dir: "/tmp/"
-
-  tasks:
-      - name: Install package
-        script: ../../tools/idpsecpack.py --user {{ junos_user }} --password {{ junos_password}} --host {{ inventory_hostname }}
-
-
-```
-
 **Running the all Playbook**
 
 ```bash